3
0
mirror of https://github.com/jlu5/PyLink.git synced 2024-11-27 21:19:31 +01:00

Add SSL linking support (#80)

TODO: implement fingerprint checking (optional) and a genssl script to ease SSL certificate generation.
This commit is contained in:
James Lu 2015-08-10 20:24:55 -07:00
parent cdb0bb6707
commit 18cd3bdd88
2 changed files with 22 additions and 3 deletions

View File

@ -53,6 +53,12 @@ servers:
# PyLink might introduce a nick that is too long and cause netsplits! # PyLink might introduce a nick that is too long and cause netsplits!
maxnicklen: 30 maxnicklen: 30
# Toggles SSL for this network. Defaults to false if not specified, and requires the
# ssl_certfile and ssl_keyfile options to work.
# ssl: true
# ssl_certfile: pylink-cert.pem
# ssl_keyfile: pylink-key.pem
ts6net: ts6net:
ip: 127.0.0.1 ip: 127.0.0.1
port: 7000 port: 7000

19
main.py
View File

@ -7,6 +7,7 @@ import time
import sys import sys
from collections import defaultdict from collections import defaultdict
import threading import threading
import ssl
from log import log from log import log
import conf import conf
@ -73,13 +74,25 @@ class Irc():
ip = self.serverdata["ip"] ip = self.serverdata["ip"]
port = self.serverdata["port"] port = self.serverdata["port"]
while True: while True:
log.info("Connecting to network %r on %s:%s", self.name, ip, port)
self.initVars() self.initVars()
try: try:
self.socket = socket.socket()
self.socket.setblocking(0)
# Initial connection timeout is a lot smaller than the timeout after # Initial connection timeout is a lot smaller than the timeout after
# we've connected; this is intentional. # we've connected; this is intentional.
self.socket = socket.create_connection((ip, port), timeout=self.pingfreq) self.socket.settimeout(self.pingfreq)
self.socket.setblocking(0)
if self.serverdata.get('ssl'):
log.info('(%s) Attempting SSL for this connection...', self.name)
certfile = self.serverdata.get('ssl_certfile')
keyfile = self.serverdata.get('ssl_keyfile')
if certfile and keyfile:
self.socket = ssl.wrap_socket(self.socket, certfile=certfile, keyfile=keyfile)
else:
log.warning('(%s) SSL certfile/keyfile was not set correctly. '
'SSL will be disabled for this connection.', self.name)
log.info("Connecting to network %r on %s:%s", self.name, ip, port)
self.socket.connect((ip, port))
self.socket.settimeout(self.pingtimeout) self.socket.settimeout(self.pingtimeout)
self.proto.connect(self) self.proto.connect(self)
self.spawnMain() self.spawnMain()